Allow IP CIDR or Range as source/dest groups

Adds a new validator specific to source and destination policy groups. NSX-T can accept an IP, Range, CIDR, or a Group Path as a source and/or destination group through the security policy interface. Updates the getSecurityPolicyAndGatewayRulesSchema function to use the new validator. Updates docs to reference IP, Range, and CIDR as valid source / destination groups. Also include reference for using empty set to specify "ANY". Resolves: Issue vmware#584
akgiesler · Mar 12, 2021 · 23b612d · 23b612d
1 parent 7860cf2
commit 23b612d
Show file tree

Hide file tree

Showing 6 changed files with 791 additions and 6 deletions.
diff --git a/nsxt/policy_common.go b/nsxt/policy_common.go
@@ -162,7 +162,7 @@ func getSecurityPolicyAndGatewayRulesSchema(scopeRequired bool, isIds bool) *sch
 			Description: "List of destination groups",
 			Elem: &schema.Schema{
 				Type:         schema.TypeString,
-				ValidateFunc: validatePolicyPath(),
+				ValidateFunc: validatePolicySourceDestinationGroups(),
 			},
 			Optional: true,
 		},
@@ -241,7 +241,7 @@ func getSecurityPolicyAndGatewayRulesSchema(scopeRequired bool, isIds bool) *sch
 			Description: "List of source groups",
 			Elem: &schema.Schema{
 				Type:         schema.TypeString,
-				ValidateFunc: validatePolicyPath(),
+				ValidateFunc: validatePolicySourceDestinationGroups(),
 			},
 			Optional: true,
 		},